May 2021

The following is the new feature available with the Xshield version released on the 4th of May 2021:

Policy Violation alerts for Workload groups

Policy Violation alerts are Xshield Traffic alerts of Medium severity, generated when Xshield policies enforced on a Workload group are violated (Blocked traffic). Policy Violation alerts are listed on the Alerts page and are available for selection in the Rules filters on the page. 

A Policy Violation alert is generated only at the first occurrence of a unique policy-violating flow to a Workload group. Alerts are not generated for the subsequent violating flows of the same tuple until the original alert is actioned (Investigate, Suppress, or Dismiss the alert).

Email notifications for Policy Violation alerts

As the Org Admin or Instance Admin for the instance, you can also enable email notifications for Policy Violation alerts. When enabled, the Org Admin and the Instance Admins, Asset Managers, and Policy Managers of the instance receive email notifications.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.